fix(portproxy): Extend domain input validation to support string arrays in port proxy configurations.

changelog.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 2025-02-27 - 3.16.9 - fix(portproxy)
+Extend domain input validation to support string arrays in port proxy configurations.
+
+- Modify IDomainConfig interface to allow domain specification as string array.
+- Update connection setup logic to handle multiple domain patterns.
+- Enhance domain rejection logging to include all domain patterns.
+
 ## 2025-02-27 - 3.16.8 - fix(PortProxy)
 Fix IP filtering for domain and global default allowed lists and improve port-based routing logic.
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '3.16.8',
+  version: '3.16.9',
   description: 'A robust and versatile proxy package designed to handle high workloads, offering features like SSL redirection, port proxying, WebSocket support, and customizable routing and authentication.'
 }

ts/classes.portproxy.ts

@@ -2,9 +2,9 @@ import * as plugins from './plugins.js';
 
 /** Domain configuration with per‐domain allowed port ranges */
 export interface IDomainConfig {
-  domain: string;         // Glob pattern for domain
-  allowedIPs: string[];   // Glob patterns for allowed IPs
-  targetIP?: string;      // Optional target IP for this domain
+  domain: string | string[];         // Glob pattern or patterns for domain(s)
+  allowedIPs: string[];              // Glob patterns for allowed IPs
+  targetIP?: string;                 // Optional target IP for this domain
   portRanges?: Array<{ from: number; to: number }>; // Optional domain-specific allowed port ranges
 }
 
@@ -213,12 +213,18 @@ export class PortProxy {
         // If a forcedDomain is provided (port-based routing), use it; otherwise, use SNI-based lookup.
         const domainConfig = forcedDomain
           ? forcedDomain
-          : (serverName ? this.settings.domains.find(config => plugins.minimatch(serverName, config.domain)) : undefined);
+          : (serverName ? this.settings.domains.find(config => {
+              if (typeof config.domain === 'string') {
+                return plugins.minimatch(serverName, config.domain);
+              } else {
+                return config.domain.some(d => plugins.minimatch(serverName, d));
+              }
+            }) : undefined);
 
         // If a matching domain config exists, check its allowedIPs.
         if (domainConfig) {
           if (!isAllowed(remoteIP, domainConfig.allowedIPs)) {
-            return rejectIncomingConnection('rejected', `Connection rejected: IP ${remoteIP} not allowed for domain ${domainConfig.domain}`);
+            return rejectIncomingConnection('rejected', `Connection rejected: IP ${remoteIP} not allowed for domain ${Array.isArray(domainConfig.domain) ? domainConfig.domain.join(', ') : domainConfig.domain}`);
           }
         } else if (this.settings.defaultAllowedIPs) {
           // Only check default allowed IPs if no domain config matched.
@@ -241,7 +247,7 @@ export class PortProxy {
 
         console.log(
           `Connection established: ${remoteIP} -> ${targetHost}:${connectionOptions.port}` +
-          `${serverName ? ` (SNI: ${serverName})` : forcedDomain ? ` (Port-based for domain: ${forcedDomain.domain})` : ''}`
+          `${serverName ? ` (SNI: ${serverName})` : forcedDomain ? ` (Port-based for domain: ${Array.isArray(forcedDomain.domain) ? forcedDomain.domain.join(', ') : forcedDomain.domain})` : ''}`
         );
 
         if (initialChunk) {
@@ -336,11 +342,11 @@ export class PortProxy {
           );
           if (forcedDomain) {
             if (!isAllowed(remoteIP, forcedDomain.allowedIPs)) {
-              console.log(`Connection from ${remoteIP} rejected: IP not allowed for domain ${forcedDomain.domain} on port ${localPort}.`);
+              console.log(`Connection from ${remoteIP} rejected: IP not allowed for domain ${Array.isArray(forcedDomain.domain) ? forcedDomain.domain.join(', ') : forcedDomain.domain} on port ${localPort}.`);
               socket.end();
               return;
             }
-            console.log(`Port-based connection from ${remoteIP} on port ${localPort} matched domain ${forcedDomain.domain}.`);
+            console.log(`Port-based connection from ${remoteIP} on port ${localPort} matched domain ${Array.isArray(forcedDomain.domain) ? forcedDomain.domain.join(', ') : forcedDomain.domain}.`);
             setupConnection('', undefined, forcedDomain, localPort);
             return;
           }